From 15d38650eeab67d6a3997d4eba168206c68a0cca Mon Sep 17 00:00:00 2001 From: Jintao Zhang Date: Fri, 14 Aug 2020 14:11:09 +0800 Subject: [PATCH] vendor containerd library to v1.4.0-rc.1 Signed-off-by: Jintao Zhang --- vendor.conf | 2 +- .../containerd/remotes/docker/authorizer.go | 2 +- .../containerd/remotes/docker/fetcher.go | 6 +++ .../containerd/remotes/docker/registry.go | 9 ++++ .../containerd/remotes/docker/resolver.go | 50 +++++++++++++++---- .../containerd/remotes/docker/scope.go | 4 +- .../containerd/containerd/vendor.conf | 25 +++++----- .../containerd/containerd/version/version.go | 2 +- 8 files changed, 73 insertions(+), 27 deletions(-) diff --git a/vendor.conf b/vendor.conf index 16d87d714f..fa9ef5e0d8 100644 --- a/vendor.conf +++ b/vendor.conf @@ -122,7 +122,7 @@ github.com/googleapis/gax-go 317e0006254c44a0ac427cc52a0e google.golang.org/genproto 3f1135a288c9a07e340ae8ba4cc6c7065a3160e8 # containerd -github.com/containerd/containerd 779ef60231a555f7eb9ba82b052d59b69ca2ef10 # master / v1.4.0-beta.1-150-g779ef602 +github.com/containerd/containerd e9f94064b9616ab36a8a51d632a63f97f7783c3d # v1.4.0-rc.1 github.com/containerd/fifo f15a3290365b9d2627d189e619ab4008e0069caf github.com/containerd/continuity efbc4488d8fe1bdc16bde3b2d2990d9b3a899165 github.com/containerd/cgroups 318312a373405e5e91134d8063d04d59768a1bff diff --git a/vendor/github.com/containerd/containerd/remotes/docker/authorizer.go b/vendor/github.com/containerd/containerd/remotes/docker/authorizer.go index 59d989effa..001423a0d1 100644 --- a/vendor/github.com/containerd/containerd/remotes/docker/authorizer.go +++ b/vendor/github.com/containerd/containerd/remotes/docker/authorizer.go @@ -273,7 +273,7 @@ func (ah *authHandler) doBearerAuth(ctx context.Context) (string, error) { // copy common tokenOptions to := ah.common - to.scopes = getTokenScopes(ctx, to.scopes) + to.scopes = GetTokenScopes(ctx, to.scopes) // Docs: https://docs.docker.com/registry/spec/auth/scope scoped := strings.Join(to.scopes, " ") diff --git a/vendor/github.com/containerd/containerd/remotes/docker/fetcher.go b/vendor/github.com/containerd/containerd/remotes/docker/fetcher.go index 55c01beafa..cd0168be5b 100644 --- a/vendor/github.com/containerd/containerd/remotes/docker/fetcher.go +++ b/vendor/github.com/containerd/containerd/remotes/docker/fetcher.go @@ -98,6 +98,9 @@ func (r dockerFetcher) Fetch(ctx context.Context, desc ocispec.Descriptor) (io.R var firstErr error for _, host := range r.hosts { req := r.request(host, http.MethodGet, "manifests", desc.Digest.String()) + if err := req.addNamespace(r.refspec.Hostname()); err != nil { + return nil, err + } rc, err := r.open(ctx, req, desc.MediaType, offset) if err != nil { @@ -118,6 +121,9 @@ func (r dockerFetcher) Fetch(ctx context.Context, desc ocispec.Descriptor) (io.R var firstErr error for _, host := range r.hosts { req := r.request(host, http.MethodGet, "blobs", desc.Digest.String()) + if err := req.addNamespace(r.refspec.Hostname()); err != nil { + return nil, err + } rc, err := r.open(ctx, req, desc.MediaType, offset) if err != nil { diff --git a/vendor/github.com/containerd/containerd/remotes/docker/registry.go b/vendor/github.com/containerd/containerd/remotes/docker/registry.go index ffc939b40c..7c231d9284 100644 --- a/vendor/github.com/containerd/containerd/remotes/docker/registry.go +++ b/vendor/github.com/containerd/containerd/remotes/docker/registry.go @@ -73,6 +73,15 @@ type RegistryHost struct { Header http.Header } +func (h RegistryHost) isProxy(refhost string) bool { + if refhost != h.Host { + if refhost != "docker.io" || h.Host != "registry-1.docker.io" { + return true + } + } + return false +} + // RegistryHosts fetches the registry hosts for a given namespace, // provided by the host component of an distribution image reference. type RegistryHosts func(string) ([]RegistryHost, error) diff --git a/vendor/github.com/containerd/containerd/remotes/docker/resolver.go b/vendor/github.com/containerd/containerd/remotes/docker/resolver.go index 32b6abd906..53e42ecc5a 100644 --- a/vendor/github.com/containerd/containerd/remotes/docker/resolver.go +++ b/vendor/github.com/containerd/containerd/remotes/docker/resolver.go @@ -22,6 +22,7 @@ import ( "io" "io/ioutil" "net/http" + "net/url" "path" "strings" @@ -276,6 +277,10 @@ func (r *dockerResolver) Resolve(ctx context.Context, ref string) (string, ocisp ctx := log.WithLogger(ctx, log.G(ctx).WithField("host", host.Host)) req := base.request(host, http.MethodHead, u...) + if err := req.addNamespace(base.refspec.Hostname()); err != nil { + return "", ocispec.Descriptor{}, err + } + for key, value := range r.resolveHeader { req.header[key] = append(req.header[key], value...) } @@ -323,6 +328,10 @@ func (r *dockerResolver) Resolve(ctx context.Context, ref string) (string, ocisp log.G(ctx).Debug("no Docker-Content-Digest header, fetching manifest instead") req = base.request(host, http.MethodGet, u...) + if err := req.addNamespace(base.refspec.Hostname()); err != nil { + return "", ocispec.Descriptor{}, err + } + for key, value := range r.resolveHeader { req.header[key] = append(req.header[key], value...) } @@ -416,10 +425,10 @@ func (r *dockerResolver) Pusher(ctx context.Context, ref string) (remotes.Pusher } type dockerBase struct { - refspec reference.Spec - namespace string - hosts []RegistryHost - header http.Header + refspec reference.Spec + repository string + hosts []RegistryHost + header http.Header } func (r *dockerResolver) base(refspec reference.Spec) (*dockerBase, error) { @@ -429,10 +438,10 @@ func (r *dockerResolver) base(refspec reference.Spec) (*dockerBase, error) { return nil, err } return &dockerBase{ - refspec: refspec, - namespace: strings.TrimPrefix(refspec.Locator, host+"/"), - hosts: hosts, - header: r.header, + refspec: refspec, + repository: strings.TrimPrefix(refspec.Locator, host+"/"), + hosts: hosts, + header: r.header, }, nil } @@ -453,7 +462,7 @@ func (r *dockerBase) request(host RegistryHost, method string, ps ...string) *re for key, value := range host.Header { header[key] = append(header[key], value...) } - parts := append([]string{"/", host.Path, r.namespace}, ps...) + parts := append([]string{"/", host.Path, r.repository}, ps...) p := path.Join(parts...) // Join strips trailing slash, re-add ending "/" if included if len(parts) > 0 && strings.HasSuffix(parts[len(parts)-1], "/") { @@ -478,6 +487,29 @@ func (r *request) authorize(ctx context.Context, req *http.Request) error { return nil } +func (r *request) addNamespace(ns string) (err error) { + if !r.host.isProxy(ns) { + return nil + } + var q url.Values + // Parse query + if i := strings.IndexByte(r.path, '?'); i > 0 { + r.path = r.path[:i+1] + q, err = url.ParseQuery(r.path[i+1:]) + if err != nil { + return + } + } else { + r.path = r.path + "?" + q = url.Values{} + } + q.Add("ns", ns) + + r.path = r.path + q.Encode() + + return +} + type request struct { method string path string diff --git a/vendor/github.com/containerd/containerd/remotes/docker/scope.go b/vendor/github.com/containerd/containerd/remotes/docker/scope.go index fa84014337..c8541c455c 100644 --- a/vendor/github.com/containerd/containerd/remotes/docker/scope.go +++ b/vendor/github.com/containerd/containerd/remotes/docker/scope.go @@ -72,8 +72,8 @@ func contextWithAppendPullRepositoryScope(ctx context.Context, repo string) cont return WithScope(ctx, fmt.Sprintf("repository:%s:pull", repo)) } -// getTokenScopes returns deduplicated and sorted scopes from ctx.Value(tokenScopesKey{}) and common scopes. -func getTokenScopes(ctx context.Context, common []string) []string { +// GetTokenScopes returns deduplicated and sorted scopes from ctx.Value(tokenScopesKey{}) and common scopes. +func GetTokenScopes(ctx context.Context, common []string) []string { var scopes []string if x := ctx.Value(tokenScopesKey{}); x != nil { scopes = append(scopes, x.([]string)...) diff --git a/vendor/github.com/containerd/containerd/vendor.conf b/vendor/github.com/containerd/containerd/vendor.conf index 8184aa01e3..aee8ad2415 100644 --- a/vendor/github.com/containerd/containerd/vendor.conf +++ b/vendor/github.com/containerd/containerd/vendor.conf @@ -31,8 +31,8 @@ github.com/Microsoft/go-winio v0.4.14 github.com/Microsoft/hcsshim v0.8.9 github.com/opencontainers/go-digest v1.0.0 github.com/opencontainers/image-spec v1.0.1 -github.com/opencontainers/runc 67169a9d43456ff0d5ae12b967acb8e366e2f181 # v1.0.0-rc91-48-g67169a9d -github.com/opencontainers/runtime-spec 237cc4f519e2e8f9b235bacccfa8ef5a84df2875 # v1.0.3-0.20200520003142-237cc4f519e2 +github.com/opencontainers/runc v1.0.0-rc92 +github.com/opencontainers/runtime-spec 4d89ac9fbff6c455f46a5bb59c6b1bb7184a5e43 # v1.0.3-0.20200728170252-4d89ac9fbff6 github.com/pkg/errors v0.9.1 github.com/prometheus/client_golang v1.6.0 github.com/prometheus/client_model v0.2.0 @@ -45,9 +45,9 @@ github.com/syndtr/gocapability d98352740cb2c55f81556b63d4a1 github.com/urfave/cli v1.22.1 # NOTE: urfave/cli must be <= v1.22.1 due to a regression: https://github.com/urfave/cli/issues/1092 go.etcd.io/bbolt v1.3.5 go.opencensus.io v0.22.0 -golang.org/x/net f3200d17e092c607f615320ecaad13d87ad9a2b3 +golang.org/x/net ab34263943818b32f575efc978a3d24e80b04bd7 golang.org/x/sync 42b317875d0fa942474b76e1b46a6060d720ae6e -golang.org/x/sys 9dae0f8f577553e0f21298e18926efc9644c281d +golang.org/x/sys ed371f2e16b4b305ee99df548828de367527b76b golang.org/x/text v0.3.3 google.golang.org/genproto e50cd9704f63023d62cd06a1994b98227fc4d21a google.golang.org/grpc v1.27.1 @@ -57,30 +57,29 @@ gotest.tools/v3 v3.0.2 github.com/cilium/ebpf 1c8d4c9ef7759622653a1d319284a44652333b28 # cri dependencies -github.com/containerd/cri 8448b92d237e877bed1e4aa7a0baf0dee234dbcb # master +github.com/containerd/cri 4e6644c8cf7fb825f62e0007421b7d83dfeab5a1 # master github.com/davecgh/go-spew v1.1.1 github.com/docker/docker 4634ce647cf2ce2c6031129ccd109e557244986f github.com/docker/spdystream 449fdfce4d962303d702fec724ef0ad181c92528 github.com/emicklei/go-restful v2.9.5 github.com/go-logr/logr v0.2.0 github.com/google/gofuzz v1.1.0 -github.com/json-iterator/go v1.1.9 +github.com/json-iterator/go v1.1.10 github.com/modern-go/concurrent 1.0.3 github.com/modern-go/reflect2 v1.0.1 github.com/opencontainers/selinux v1.6.0 -github.com/seccomp/libseccomp-golang v0.9.1 github.com/tchap/go-patricia v2.2.6 github.com/willf/bitset d5bec3311243426a3c6d1b7a795f24b17c686dbb # 1.1.10+ used by selinux pkg -golang.org/x/crypto bac4c82f69751a6dd76e702d54b3ceb88adab236 +golang.org/x/crypto 75b288015ac94e66e3d6715fb68a9b41bf046ec2 golang.org/x/oauth2 858c2ad4c8b6c5d10852cb89079f6ca1c7309787 golang.org/x/time 555d28b269f0569763d25dbe1a237ae74c6bcc82 gopkg.in/inf.v0 v0.9.1 gopkg.in/yaml.v2 v2.2.8 -k8s.io/api v0.19.0-beta.2 -k8s.io/apimachinery v0.19.0-beta.2 -k8s.io/apiserver v0.19.0-beta.2 -k8s.io/client-go v0.19.0-beta.2 -k8s.io/cri-api v0.19.0-beta.2 +k8s.io/api v0.19.0-rc.4 +k8s.io/apimachinery v0.19.0-rc.4 +k8s.io/apiserver v0.19.0-rc.4 +k8s.io/client-go v0.19.0-rc.4 +k8s.io/cri-api v0.19.0-rc.4 k8s.io/klog/v2 v2.2.0 k8s.io/utils 2df71ebbae66f39338aed4cd0bb82d2212ee33cc sigs.k8s.io/structured-merge-diff/v3 v3.0.0 diff --git a/vendor/github.com/containerd/containerd/version/version.go b/vendor/github.com/containerd/containerd/version/version.go index 566ee11478..75b6b018c2 100644 --- a/vendor/github.com/containerd/containerd/version/version.go +++ b/vendor/github.com/containerd/containerd/version/version.go @@ -23,7 +23,7 @@ var ( Package = "github.com/containerd/containerd" // Version holds the complete version number. Filled in at linking time. - Version = "1.4.0-beta.2+unknown" + Version = "1.4.0-rc.1+unknown" // Revision is filled with the VCS (e.g. git) revision being used to build // the program at linking time.